1. Technical Field
The present subject matter relates to increasing the amount of secure memory available to a microprocessor-based system on a chip (SoC). More particularly, the subject matter relates to providing additional secure memory within a single semiconductor package, for use by the SoC operating in a secure mode, while keeping the implementation of the secure mode of operation of the SoC and the secure memory self-contained within the single semiconductor package.
2. Background
Many microprocessors used in consumer electronic devices today are designed with two levels of privilege: one for the operating system (O/S); and the other for user software applications. In some microprocessor-based systems the two privilege levels do not provide adequate security, mainly due to the fact that effective implementation of the operating system privilege level (sometimes referred to as protected mode) relies on proper operation of the O/S software. Such reliance on the proper operation of the O/S software can leave a system potentially vulnerable to malicious programs such as computer viruses.
Some microprocessor-based systems have addressed this issue by implementing a third “secure” level of operation, implemented in hardware. This security hardware can block software access to at least some of the major system hardware components (e.g., memory, memory management units, and cache registers). The security hardware monitors the system for security violations and resets the entire system if any such violations are detected. Such capabilities are made possible in great part by the high levels of integration attainable on what is sometimes referred to as a “system on a chip” (SoC).
Because the major operational components necessary to implement a secure mode of operation on an SoC are contained within a single chip, it becomes possible to route the security control signals to the various system components and to selectively disable or enable those components as required without exposing the control signals to the outside world. It also becomes possible for the security hardware to monitor a wide variety of signals within and between the major system components in order to prevent, detect and react to security violations.
However, implementation of a secure mode on SoCs requires that memory used while the system is in secure mode be located within the chip in order to restrict access to its contents. This places significant limitations on the maximum size of the memory available for secure operation. Any increase in memory size means that the chip will either have less capabilities due to the lack of space for additional circuitry, or that the chip size will have to increase, adversely affecting both the cost and performance of the chip.